The database password

Similar Questions

• Conservation of the database passwords, roles, profiles, grant prior to the updating of the Prod in the Dev environment.

  Hi Pro DBAs,

  I create a script to capture the user password associated profile password, roles, dblinks, and grants from the database of all (development) before updating the it production environment. I was able to get the ddl to re-create all above animals with the exception of profile and dblink.

  I need the ddl that creates this statement: modify the user profile of username "ProfileName";  and even for the dblink.

  Any help is appreciated

  Including another post we can do also using REGEXP

  SELECT 'ALTER USER' | USER NAME | ' PROFILE '. PROFILE | » '||';' FROM DBA_USERS;

  This will generate the required sql statement, we can create any statement, we want this way. The pipe symbol concatenate the required columns of table to your personalized instruction.

• How can you not see the database password?

  Hi all

  11.2.0.1

  AIX 6.1

  We have a lot of batch runs during the night. The operator is generally one who executes the batch programs.

  There and the id of the "oper" on the side of the BONE but do not have database connection IDs.

  It cannot run batch scripts that connect to the base data id "appadmin" identified on the outside so it can not see the password.

  Is it possible to do or it it deals a secure way to share of turnover? Can you share how secure you your batch run passwords?

  Thank you very much

  zxy

  Usually, the lots are automated or initiated by another tool (for example, control-m).

  You should raise questions about the encryption of data in a separate thread.  I can't answer.

  Hemant K Collette

• Change database password

  Hello
  Can someone point me in the right direction with regard to the modification of the IOM database on 9.1.0.2 password?
  
  We have recently changed the password and I have updated the xlconfig.xml file and updated two XML files located in the area of the project using the method described in the article:
  http://docs.Oracle.com/CD/E13222_01/WLS/docs81/admin_ref/utils17.html
  
  I copied the generated output and edited the < encrypted password > node in the XML files.
  
  We run WebLogic 10.3.3, on database 10g, 9.1.0.2 BP14 installed.
  
  IOM starts up if we get a system error message, but a refresh brings to the top of the login page. After trying to identify the following error is recorded in our log files:
  ERROR, February 14, 2012 08:49:45, 138, [XELLERATE. WEBAPP], class/method: tcLogonAction/performance meets certain problems: error occurred when connecting - exception Code: DB_READ_FAILED
  Thor.API.Exceptions.tcAPIException: An error occurred during the connection - exception Code: DB_READ_FAILED
  
  I guess it has to do with the change of password, but I have changed all the files I know. Am I missing a step or missed a file? Is there a better way to change the password of database within WebLogic? The user interface does not allow because of the encryption, and I don't want to go out to clear the text.
  
  Thank you
  Andrew

  To change the database password, there are a few tasks to update.

  Within WebLogic, you'll want to update your JDBC resources with the new password on your two connections listed.

  So as you mentioned in the file xlconfig.xml, you will find the sections for the DirectDB. When the password is in, set it encrypted = false and provide the literal of your new password. Now when IOM begins, it will re - encrypt the xlconfig.xml file, so you can delete the one with plain text.

  -Kevin

• Hide the username / password when connecting to the database

  I need to find a way to hide the user name / password when connecting to the database (via a script), or by encryption or any other method that hides this information when I connect to the database.

  I use Oracle 11 g.

  I tried with the portfolio method, but could not connect to the database of the error below, even the user name and password:

  ERROR:

  ORA-01017: invalid username / password; connection refused

  I plugged this way (after the cover configuration):

  sqlplus /@DB

  Please help me.

  Concerning

  Luiza

  Hi Luiza,

  Try to find out why the portfolio method does not work, check the implementation using ref 340559.1 Note

  Check also for example client and server versions / compatibility, evolves sec_case_sensitive_logon relevant parameter (as a test, because it must be true) etc.

  Greetings,

  Damage ten Monkshood

• User passwords do not work at the level of the application after updating of the database

  Hello

  Working on the updating of the database user passwords do not work for front end users but the same passwords work at the db level.

  We backup before refresh and restraint after the update, but if the user tries to connect to db, they receive the error invalid password/username.

  but passwords are working at the level of the DB if reset us the password then it works fine, but we cannot do this for all users of all time. can someone share the knowledge or solution for this problem.

  DB version: 11.2.0.3

  operating system: AIX

  Thank you

  892574 wrote:

  Yes, the process is correct.

  We are capture passwords user via display SYS. USER$

  I didn't see any errors in the logs I see only out put modified user.

  Thank you

  Do you mean that you update the column SPARE4 of $ USER (which is a table, not a view)? I don't think it will work, because the password is salted with a random string that will be different in the two databases. It might work if you return to the use of passwords for 10g, which are salty with the user name. See here, the 10 GB hash stored in the PASSWORD column is the same in the two databases, but the 11g in SPARE4 hash is different:

  orclz >

  orclz > conn sys/oracle@orclz as sysdba

  Connected.

  orclz > create user fred identified by Ginger;

  Created by the user.

  orclz > select password, spare4 of user$ where name = 'FRED ';

  PASSWORD

  ------------------------------------------------------------------------------------------------------

  SPARE4

  ------------------------------------------------------------------------------------------------------

  9C592D45D54D1FB2

  S:DF5BEC6914DFF48B39261EAA4DCF5746A309E50E791F6F90FBF2F33A8CD5; H:22E34131E43CC3DF07440A0DC2A45F22

  orclz > conn sys/oracle@orcla as sysdba

  Connected.

  orcla > create user fred identified by Ginger;

  Created by the user.

  orcla > select password, spare4 of user$ where name = 'FRED ';

  PASSWORD

  ------------------------------------------------------------------------------------------------------

  SPARE4

  ------------------------------------------------------------------------------------------------------

  9C592D45D54D1FB2

  S:4FE5925E671719B9CA5904C42AAD965753CAC4891C31F1BA9B9DA83D3255; H:22E34131E43CC3DF07440A0DC2A45F22

  orcla >

• Additional measures if I exchange the ADMUSER password for the database?

  Hello:

  Are there measures of application to change the password of database ADMUSER?  I found the note on how to change the PRIVUSER password, but nothing about ADMUSER.   Is it as simple as user admuser identified by "< password >" change

  Thank you

  Laura Sallwasser

  Hi Laura,

  Yes, the ADMUSER password can be changed enough safely.

  PrivUser requires an additional step, given that a hash of the password stored in the table "pubuser".

  Pubuser requires additional steps, insofar as it will be used by and P6 customer installs so they would need to be updated if you change the password for pubuser.

  Concerning

  Alex

• change password of oracle database and reconfig coe for the new password

  I want to change the password for the database for the security issue, but I want to know what configuration should I make in my content on the web Center?

  Hello

  Assuming it as 11 g it is 2 places where change is:

  1 WLS Console - Services - Pool of connections to Data Sources - SDR-

  Here the password section must be changed.

  2. navigate to /ucm/cs/bin and run the system properties applet - database and there. This is necessary if you use the standalone applets like IdcAnalyzer etc.

  Thank you

  Srinath

• Document passwords for the continuity of the database

  First off I'm not an oracle DBA.
  
  But in a perspective of risk/audit/compliance, I attended a recent seminar by which he DB security said it was convenient current for the DBA to document passwords associated DB servers, they manage to plain text in documents. I think some form of continuity.
  
  Some questions are:
  
  (1) why
  
  (2) what you related to these documents
  
  (3) what is the risk to document is not the passwords associated with databases and servers
  
  (4) what passwords you document

  user599292 wrote:

  Yes, it was my guess, the password may be required if the admin was turned off when this credential was required to complete an urgent task, where the need to save it somewhere another admin can access. But I guess in a perspective of sound risk identifying where the password, and who can access it, so it does not fall into the wrong hands...

  These days, having to know the password is rarely necessary to "continuity." And it's been over a decade that I finally saw the password-on-paper-kept-safe-by-manager approach.

  To perform the maintenance on a server (o/s, web, database, etc.), I just need my key public RSA is approved by this server. And to get there, I must provide my private RSA key.

  No secrets to remember. No secret to change often, in case it is accidentally revealed/presentations. And fly an RSA or DSA private key are much more complex than stealing a password.

  So to connect as SYSDBA - rather than use the SYS password to connect, I can log in as user oracle o/s using RSA authentication via ssh on the db server - and then to use the confidence o/s credentials to make an 'internal' connect to the database.

  Servers can also be configured for auditing and logging-which means there is a detailed record of who logged on to the server where. In addition, a dedicated management network can be used - with firewall protection, and allowing only selected IP deals with intranet access to the management for the management servers network via it.

• user and password for the connection with the database command

  Hello
  
  I need to connect to the control of the database but I do not know the password for sys and system users, please, could someone tell me the password?
  
  Concerning

  need to order prompt (windows)

  cmd > set ORACLE_SID = 'database_name '.
  cmd > sqlplus "/ as sysdba".
  sqlplus > alter user username identified by password;

  You can change any user password by above the command using sys as sysdba or / as sysdba.

• Unable to connect to the database instance: ORA-28001: the password has expired

  Hi all
  
  I'm on oracle 11g grid.
  
  
  I get unable to connect to the database instance: ORA-28001: the password has expired (ERROR of DBD: OCISessionBegin) error.
  
  I checked and found that my user dbsnmp expired password. I found the page on the grid control to change the password of user dbsnmp.
  
  but I want to know. If I changed dbsnmp password using the grid control. Is there any other task I have to do after the change of user dbsnmp password.
  
  Please let me know.
  
  
  Thank you

  Hi PK,.

  If GC can reuse the monitored GENERAL to connect to the database account I can't think of anything you should do.
  The database, what has happened is an 11g database? If so the security policy has been changed in this version, which means that in half a year you will still have a locked account of DBSNMP.

  If your company security policy allows, you can avoid this by changing the password_life_time to an unlimited number of default profile:
  change the default profile limit password_life_time unlimited;

  Eric

• issues of database and the remote password (Connector/J)

  I am creating a Java desktop app and I'm having a few problems. I use to use Java with mysql connector/J.
  
  First of all it is possible, a desktop application, to access a MySQL database stored on a Web host?
  
  Secondly, I have to distribute and install the driver Connector/J with my program?
  
  I mean, how the hell do I keep my password of database safely within the program? If the Java code can be easily decompiled then surely anyone with a little knowledge of Java could find my database password in my source code? Even if stored in a separate and encrypted file, probably the location and encryption method must be stored in the source code?
  
  Thanks, Jim

  Hello

  If the host is accessible via the public IP address or some kind of proxy, then I see no problem. You just need to create a connection string correctly.

  Of course, there is a need to distribute the driver with the application. Otherwise how do you imagine your application running without the necessary libraries?

  Store the password db is a bit more complicated. Even if it's encrypted a specific user will always manage to get it. For the same reason, distribute a desktop app with a password for db stored inside, is not a good idea. I suggest you write a proxy server little. Desktop applications will connect to the server that will access the DB. The proxy will query the DB and return the result in a response, it is much easier to secure the password in this way.

  The desktop application should also be a connect/disconnect feature to prevent access to unauthorized users.

• How to change the password for all users in the database

  Hi buddies!
  
  Could someone tell me how to change the password for all users in the database? I want to set the same password for all users.
  
  Thank you.
  
  Nith
  
  Published by: user645399 on March 1, 2011 14:23

  Write the file spooling
  as

  Make sure that all profiles has password_verify_function with a NULL value

  then

  Select 'edit user' | username: ' identified by ;' from dba_users;

  you will get the output... you just run.

• On the remote host MySQL database: password encryption?

  Hello

  I discovered the world of PHP and MySQL in the last days. I didn't get all the intricacies still but nevertheless I managed to set up a server "localhost" on my computer, create a MySQL database and display correctly information in this database in HTML using PHP pages.

  I am now at the stage of transferring it to the remote host where the site will happen: I exported my database, imported these information in the database on the server host and I n unexpectedily even just to get my PHP/HTML pages to connect to this database. It's great.

  I have one question. I've read a lot of thread in this forum about this, but haven't seen an answer: must the password encryption? I mean, when I connect to a database using DW CS4, the software creates for me a connections folder in my Web site root folder and stores inside a little PHP to the folder with the server name, database name, user name and password which are necessary to allow PHP to connect to the MySQL database. It is all printed clearly in there. Once which is transferred to the remote host, it is always accessible to anyone? Should I not worry and try to hide the password?

  Any thoughts on this would be greatly appreciated.

  Emilie

  Thread moved to Dreamweaver application development forum, which addresses other issues aside and PHP/MySQL server.

  As long as the server is enabled in PHP, put the connection details in a PHP file like this is not a problem. PHP code is processed on the server. Only its output is sent to the browser. Even if someone guesses the name of your connection file, they won't see anything if they try to load the page in a browser. The only way they can see it is to hack into the server. It is important to have passwords on your FTP account.

• Oracle 11g save the BC4J password in the database?

  In 10g, Oracle stores the password in the database encrypted in bc4j.xcfg.
  
  However, 11 g, it seems that Oracle is not saving the password in any file (I checked connections.xml and bc4j.xcfg). Oracle records db password in database system?
  
  I ask this question because we are going to deploy a Java ADF program on the production that I don't have access. I wonder if I need JDeveloper for access to the production environment to configure the credentials for the connection to BC4J in the database server.
  
  Edited by: huaichen on July 22, 2010 12:20

  Hi huaichen

  Documentation "15.3.2 Packaging credentials with the Application.
  at http://download.oracle.com/docs/cd/E14571_01/core.1111/e10043/devmancfg.htm#JISEC2949
  says "the credentials of the applicationare defined in a file that must be named cwallet.sso. ..."

  Thus, looking for documentation for "cwallet.sso" might help.

  success
  Jan